The massive cyber attack against German Internet providers last week has been a wake-up call for national intelligence concerned with cyber security. Nearly one million German Internet connections were hacked and put out of action.
German Internet services provider Deutsche Telekom said the disruption was part of a failed attempt to turn a large number of routers into part of a so-called “botnet” and that it was likely connected with other recent hacks around the world. Users could no longer access the Internet and many lost telephone and TV reception.
Berlin said that no government computers were affected, but there is concern that a foreign state was involved. Government officials have hinted that Russia was behind the attack, but haven’t pointed the finger directly at Moscow.
At all levels of German cyber protection and intelligence, there is an atmosphere of looming war – a cyber-war which could be waged against Germany, suddenly and without warning. They fear something like the recent attacks, but on a far larger scale.
The war footing has permeated the Federal Office for Information Technology (BSI), the Federal Criminal Intelligence Office, the Federal Office for the Protection of the Constitution (Germany’s domestic intelligence agency), and ZITiS, the Central Office for Information in the Security Sphere.
ZITiS is the new cyber-investigation unit which was recently created to monitor the “darknet”, in the wake of July’s shootings in Munich.
“That the federal government has not dealt with these questions for so many years is a serious failure and a real security problem.”
According to a report in Sunday’s Frankfurter Allgemeine Zeitung daily, the interior ministry wants to set up an additional unit of IT specialists who can be called up when there are cyber attacks on critical infrastructure. The ministry confirmed it was “considering the fundamentals” of cyber defense, but would not reveal any concrete details.
Government opposition is skeptical. “There’s no sign of a comprehensive government strategy to counter internet attacks,” Konstantin von Notz, the vice-chairman of the Green Party parliamentary group in the Bundestag and spokesman for internet policy, told the Handelsblatt.
“The ministries are in a greyhound race,” he added, pointing out that the defense ministry is also gearing up for cyber defense. “They all want to somehow dabble in the cybersphere.”
But the Greens say this has created “glaring constitutional problems,” depending on whether a cyber attack is coming from outside Germany or within borders. When is an attack the act of criminals and when is it the act of a state? What can be classified as preventive defense?
“That the federal government has not dealt with these questions for so many years is a serious failure and a real security problem,” the Greens have criticized.
According to the report, the interior ministry’s new crack unit would come into play when power stations, waterworks or such entities as the electronic systems of hospitals are threatened. It would then be necessary to neutralize attack tools and shut down aggressor servers in other countries.
Such a capability would be necessary when the country from where the attack originates is not prepared to cooperate. Germany’s ruling coalition is divided on this. The interior ministry, however, has optimistically claimed that its unit can be built up in two to three years.
The federal government is also concerned that Germany’s elections, scheduled for fall of next year, could be disrupted through cyber attacks and targeted misinformation campaigns in the Internet. Germany will have to adjust itself to an election battle of a different kind, the article stated. It’s feared that Russia could carry out cyber attacks and propaganda campaigns.
Intelligence services in the United States have already accused Russia of doing this in the recent presidential election. French intelligence services are warning of interference in the run-up of their own elections, which will take place in May.
According to the German government’s analysis, one scenario could prove particularly dangerous. If a number of different elements were to coincide – the sabotage of critical infrastructure by cyber attacks, together with a widespread disinformation campaign and the dissemination of damaging material gained through hacks – the results could be ruinous. Information gathered in the last year through hacking government networks could resurface during the election campaign to discredit targeted politicians.
Heike Anger is an editor for economics and politics at Handelsblatt and Handelsblatt Online. To contact the author: firstname.lastname@example.org.